Skip to main content
tz_sit
tz_sit
New Member
May 14, 2023
Question

Fortigate IPv6 GUI Bug for SSL VPN - Telekom Deutschland

  • May 14, 2023
  • 3 replies
  • 2560 views

Hello,
I'm trying to implement IPv6 in our test environment and I'm having some difficulties.
We are using a Fortigate 60F with FortiOS 7.2.4 and a VDSL connection from Telekom in Germany.

IPv4 works fine for us. The dial-up is done via PPPoe behind a modem. We also get our fixed IPv4 address and so far everything works fine.

Now I wanted to activate IPv6 on this interface accordingly. I have followed the instructions and tips that I could find on the Internet. However, something still does not seem to work properly. Namely, no IP address is displayed in the GUI under IPv6-address. But via the CLI I can see that the interface has been assigned an IP address. I can also assign an IPv6 subnet to other VLANs and the devices get an IP address accordingly and can also connect to the Internet.

My problem now is that I cannot make SSL VPN settings for IPv6. When I add the interface in the SSL VPN settings, I do not see an IPv6 address, but only the IPv4 address.
Does anyone know what is causing this? We are planning to implement VPN over IPv6 as well, since more and more users are having problems when working from home.

Here is my current configuration for this:

 

SIT-FW01 (wan2-pppoe) # show config system interface     edit "wan2-pppoe"         set vdom "root"         set mode pppoe         set status down         set type tunnel         set monitor-bandwidth enable         set role wan         set snmp-index 33         config ipv6             set ip6-allowaccess ping             set dhcp6-prefix-delegation enable             set autoconf enable             config dhcp6-iapd-list                 edit 1                     set prefix-hint 2003:a:xxxx:xxxx::/56                 next             end         end         set interface "wan2"     next end config system pppoe-interface     edit "wan2-pppoe"         set ipv6 enable         set device "wan2"         set username "00234308XXXXXXX0001@t-online.de"         set password PASSWORD     next end

 

And if I look via the CLI, I can see that the interface got an IPv6 address (and I can execute ping6 via the CLI):

(I removed some information of the IP due to privacy reasons)

SIT-FW01 # get router info6 interface wan2-pppoe                 [running/up]     2003:a:37f:a52e:96f3:xxxx:xxxx:86a7     fe80::96f3:xxxx:xxxx:86a7

3 replies

Anthony_E
Staff
Anthony_E
Staff
May 17, 2023

Hello,


Thank you for using the Community Forum. I will seek to get you an answer or help. We will reply to this thread with an update as soon as possible.


Thanks,

Best Regards
Anthony_E
Staff
Anthony_E
Staff
May 19, 2023

Hello,

 

We are still looking for someone to help you.

We will come back to you ASAP.


Regards,

Best Regards
Christian_89
Christian_89
Contributor III
May 19, 2023

Based on the information provided, it seems that the FortiGate 60F interface has been assigned an IPv6 address via CLI, but it is not displayed in the GUI. Additionally, when configuring SSL VPN settings, only the IPv4 address is shown instead of the IPv6 address. This can be resolved by following these steps:

  1. Verify GUI Display Settings: Double-check the GUI settings to ensure that IPv6 addresses are enabled to be displayed. In the FortiGate web interface, navigate to System > Config > Features and confirm that "IPv6 Display" is enabled.

  2. Check SSL VPN Configuration: Ensure that the SSL VPN settings are correctly configured for IPv6. In the SSL VPN configuration, go to VPN > SSL-VPN Settings and review the settings for IPv6. Ensure that the IPv6 address is correctly configured and associated with the appropriate interface.

  3. Update Firmware: Check if there are any available firmware updates for your FortiGate device. Keeping the firmware up to date can address known issues and improve functionality. Consider updating to the latest firmware version compatible with your FortiGate 60F model.

  4. Review System Logs: Monitor the system logs on your FortiGate device for any relevant error or warning messages related to IPv6 or SSL VPN. This can provide insights into any potential configuration issues or conflicts.

Terms & ConditionsAccessibility statement